<?php


/**
* Change logs
* Feb 14, 2011 - trungdt - based on login action, login with ajax support
*/
if (!defined('EXPONENT')) exit('');

if (!defined('SYS_USERS')) require_once('subsystems/users.php');
if (!isset($_POST['username']))
{
    $_POST['username']="";
}
else
{
    $_POST['username']=_ab_safe_html_string($_POST['username']);
}

if (!isset($_POST['password']))
{
    $_POST['password']="";
}
else
{
    $_POST['password']=_ab_safe_html_string($_POST['password']);
}
exponent_users_login($_POST['username'],$_POST['password']);

if (!isset($_SESSION[SYS_SESSION_KEY]['user'])) {
    // determine that user who want to login is locked or not?
    $u=exponent_users_getUserByName($_POST['username']);
    if ($u->is_locked == 1)
        echo exponent_lang_getText("login_not_approved");
    else
	    echo exponent_lang_getText("login_failed");
} else {    
	//exponent_sessions_clearCurrentUserSessionCache(); 
    echo "OK";
}

?>
